According to BlackFog, damage costs due to ransomware are set to hit a whopping 20 billion dollars by the end of 2021. If the costs aren’t enough to scare you, even more terrifying is the disruption of operations ransomware brings to organizations. For this reason, ransomware is top of mind for many boardrooms across the world. Discussions around cybersecurity and threat mitigation are occurring as businesses realize that their most valued asset, their data, is the key target for this ever-widening criminal enterprise.

As businesses shift their focus to security, some ransomware hackers are now targeting backup data, and not just production data. In order for organizations to stay afloat, the time for everyone to rethink their data security strategy is now.

Rubrik Zero Trust Data Security™

Rubrik places a strong emphasis on a Zero Trust architecture, ensuring security is never an afterthought, and a core design element embedded within the platform. At the heart of Rubrik lies a purpose-built filesystem that never allows data, once written, to be modified. Additionally, the file system creates a logical air gap that protects data by ensuring it is never openly available on the network. On top of this, many enhanced security features are native to the system, including encryption (at rest and in-flight), granular Role-Based Access Control (RBAC), retention locking, and even solutions based on Ransomware Investigation and Sensitive Data Discovery. Now, we are happy to add even more security-related features to that list. Let’s discuss a couple below.

MFA Everywhere

Multi-Factor Authentication (MFA) is a fundamental security mechanism that organizations can proactively leverage to defend against attackers. In Rubrik, enabling MFA ensures that even if a user’s credentials are compromised, the bad guys would still need to have access to a device that generates an additional Time-based One-Time Password. Without this access, attackers are unable to fully authenticate themselves into the Rubrik platform, leaving them dead in the water. Rubrik understands that an organization’s backups are their last and best line of defense and that they should be properly safeguarded as so. This is why we offer the ability to enable MFA globally across the entire Rubrik platform.

 


Ensuring your backups are protected with MFA in Rubrik might seem like a trivial task, but it takes one giant proactive step in the fight against ransomware.

API Security Enhancements

Rubrik takes pride in the fact that we provide a true, API-first architecture. Every operation within the UI simply calls an underlying API in order to perform a specific function. Our customers have long taken advantage of this architectural decision, building custom scripts and integrating Rubrik into their current automation workflows. Striking the balance between accessibility and security within automation is tough, and at times, credentials and API tokens are not properly secured. To help alleviate any potential repercussions of a breach, by default, Rubrik will now restrict access to API endpoints that have the potential to cause data disruption. 
 


By default, certain API endpoints will be restricted, however, organizations can easily designate certain API tokens as safe. These tokens then have the proper permissions to consume the privileged API endpoints, allowing automation and security to live in harmony.

The idea of an organization going through an attack is not far-fetched and It’s important we take all of the necessary steps to proactively ensure we can recover. After all, we’ve taken all of these backups, why not put them to use? Rubrik Zero Trust Data Security is here to help, ensuring your data can be recovered, and your business can get back to work. In fact, we even back this up with a $5M Ransomware Recovery Warranty, delivering the ultimate peace of mind. 

To learn more about the Rubrik approach to data security, check out our session at the Data Security Spotlight on Zero Trust Data Protection.